Senior Security Compliance Engineer

Overview

This is an incredible opportunity to be part of a company that has been at the forefront of AI and high-performance data storage innovation for over two decades. DataDirect Networks (DDN) is a global market leader renowned for powering many of the world's most demanding AI data centers, in industries ranging from life sciences and healthcare to financial services, autonomous cars, Government, academia, research and manufacturing.

"DDN's A3I solutions are transforming the landscape of AI infrastructure." – IDC

“The real differentiator is DDN. I never hesitate to recommend DDN. DDN is the de facto name for AI Storage in high performance environments” - Marc Hamilton, VP, Solutions Architecture & Engineering | NVIDIA

DDN is the global leader in AI and multi-cloud data management at scale. Our cutting-edge data intelligence platform is designed to accelerate AI workloads, enabling organizations to extract maximum value from their data. With a proven track record of performance, reliability, and scalability, DDN empowers businesses to tackle the most challenging AI and data-intensive workloads with confidence.

Our success is driven by our unwavering commitment to innovation, customer-centricity, and a team of passionate professionals who bring their expertise and dedication to every project. This is a chance to make a significant impact at a company that is shaping the future of AI and data management.

Our commitment to innovation, customer success, and market leadership makes this an exciting and rewarding role for a driven professional looking to make a lasting impact in the world of AI and data storage.

Job Description

As a Senior Security Compliance Engineer – Infinia, you’ll be the first compliance-focused hire embedded within a core product engineering team. This role combines hands-on control design, internal documentation, and customer-facing security responses — laying the foundation for scalable internal security and future audit readiness.

You’ll work across engineering, legal, and go-to-market teams to define and track security policies, risk registers, and remediation SLAs. You’ll also serve as a point of contact for customer trust documentation, vendor assessments, and light compliance mapping (e.g., SOC 2 readiness).

Key Responsibilities Policy, Risk, and Control Management

• Lead Create and maintain internal security policies, standards, and control documentation
• Track vulnerability SLAs, mitigation deadlines, and remediation status (POA&M-style)
• Build a scalable structure for risk and control visibility across engineering functions

Customer & Stakeholder Support

• Manage security questionnaires and third-party vendor reviews
• Collaborate with Legal, IT, and Engineering on evidence collection and ownership
• Support product and sales teams with security posture documentation and RFPs

Forward Compliance Foundations & Readiness

• Align internal practices to standards like SOC 2, NIST 800-53, or FedRAMP
• Contribute to control matrices, audit prep documentation, and readiness assessments
• Identify automation or tooling opportunities for scalable control tracking

Required Qualifications

• 5+ years of experience in security compliance, GRC, or risk governance
• Strong writing and organizational skills for policy, audit, or control documentation
• Familiarity with compliance frameworks (e.g., SOC 2, NIST, CIS, ISO 27001)
• Ability to work cross-functionally with legal, IT, product, and engineering stakeholders

Preferred Qualifications

• Experience supporting trust programs, security reviews, or vendor risk processes
• Knowledge of POA&M structures, SLA tracking, or security maturity models
• Exposure to GRC tooling or lightweight automation (e.g., scripting, dashboards)
• Comfort presenting security practices to external customers or partners

This position requires participation in an on-call rotation to provide after-hours support as needed.

Success Metrics – First 30 Days

• Review current policy and control documentation (if any)
• Draft initial risk register or remediation tracking framework
• Shadow security review or customer assessment processes
• Identify documentation gaps and propose structure

Success Metrics – Beyond 30 Days

• Policies and SLAs established across key security areas
• Customer questionnaires and RFPs supported without escalation
• Risk register and mitigation timelines actively maintained
• Internal teams aligned on ownership of controls and audit readiness

DDN

Join our dynamic and driven team, where engineering excellence is at the heart of everything we do. We seek individuals who love to challenge themselves and are fueled by curiosity. Here, you'll have the opportunity to work across various areas of the company, thanks to our flat organizational structure that encourages hands-on involvement and direct contributions to our mission. Leadership is earned by those who take initiative and consistently deliver outstanding results, both in their work ethic and deliverables, making strong prioritization skills essential. Additionally, we value strong communication skills in all our engineers and researchers, as they are crucial for the success of our teams and the company as a whole.

Interview Process: After submitting your application, one of our recruiters will review your resume. If your application passes this stage, you will be invited to a 30-minute interview during which a member of our team will ask some basic questions. If you clear the interview, you will enter the main process, which can consist of up to four interviews in total:

• Coding assessment: Often in a language of your choice.
• Systems design: Translate high-level requirements into a scalable, fault-tolerant service (depending on role).
• Real-time problem-solving: Demonstrate practical skills in a live problem-solving session.
• Meet and greet with the wider team.
• Our goal is to finish the main process in 2-3 weeks at most.

DataDirect Networks (DDN) is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, gender expression, transgender, sex stereotyping, sexual orientation, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.

#LI-Remote